Information Security Analyst Resume

Boston

SUMMARY:

  • About 3+ years of experience in vulnerability testing, monitoring and data expertise across multiple software products.
  • Well conversant with the latest technological trends in the information security field, including management practices and regulatory issues.
  • Experience in technical aptitude of enterprise networking concepts including routers, switches, firewalls and peripheral equipment from vendors including Cisco and IBM.
  • Log Monitoring using SIEM.
  • Security incident and event manager (SIEM) configurations and Log analysis.
  • Monitoring of Multiple Security Incidents using SIEM tool - McAfee Nitro
  • Conduct network vulnerability assessments using Nexpose tool to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
  • Will perform cyber security incident response, event analysis and investigations
  • Manage the SIEM infrastructure.
  • Conduct routine social engineering tests and clean-desk audits.
  • SIEM incident analysis and Alert creations.
  • IPS/IDS (Intrusion Prevention Systems) management, signatures analysis.
  • Vulnerability assessment and penetration testing.
  • Utilized IPS/IDS (intrusion prevention systems/intrusion detection systems) on a daily basis in order to determine if Cyveillance customer(s) are experiencing specific malware attacks.
  • Strong knowledge of apps like Splunk Db Connect V.2, Splunk App for AWS, Splunk Add-on for AWS, SOS.
  • Knowledge of Splunk architecture and its various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder.
  • Expert in handling high volumes of data for transformation and routing.
  • Conducted incident prevention, detection/analysis, containment, eradication and aided recovery across IT systems, administering McAfee SIEM and monitoring McAfee DLPe, McAfee Web Gateway, etc.
  • Installing, configuring and updating Red Hat Linux 6/7.
  • Self-motivated with good analytical abilities to comprehend things and carry out assignments in a prioritized manner
  • Perfectionist, committed to accuracy and attention to detail.

TECHNICAL SKILLS:

Vulnerability Assessment tools: Nessus, Qualys, Burp Suite, Nmap, Metasploit, McAfee Nitro, McAfee ESM, VMware

Compliance: ISO 27001, NIST 800-53, HIPAA, PCI

Firewalls & Switches: Cisco Firewalls, Cisco ASA, IDS, IBM, Palo Alto, Juniper

Operating Systems: Unix, Linux, IBM, Windows 8/7/Vista/2000

Scripting: Shell Scripting, JavaScript, HTML, Python

Programming languages: C, C++, Java

Technologies: VMware workstation, VMware ESX server, Splunk 6.5

PROFESSIONAL EXPERIENCE:

INFORMATION SECURITY ANALYST

Confidential, Boston

Responsibilities:

  • Worked on SecurVue and NGS SIEM tool kit.
  • Analyzing daily SIEM incidents and suggesting action plan per severity.
  • Doing forensic searches to find new incidents and fine-tuning alerts.
  • Daily vulnerability snapshot analysis.
  • Implementing SIEM and troubleshooting SIEM on customer environment.
  • Setting anomalies as per thresholds to improve incident quality.
  • Raw log analysis for missing incidents.
  • Data Loss Prevention
  • Trained users on use of Splunk and helped design reports and alerts for users’ needs.
  • Preparing and analyzing monthly health check and Security reports.
  • Preparing plans for firewall and IPS rule implementations.
  • Preparing countermeasure reports on malware attacks, network attacks and the latest vulnerabilities released.
  • Performed security research, analysis and design for all client computing systems and the network infrastructure.
  • Developed, implemented, and documented formal security programs and policies.
  • Monitored events, responded to incidents and reported findings.
  • Utilized Security Information and Event Management (SIEM), sniffers and malware analysis tools.
  • Monitoring IDS and IPS in SIEM.
  • Monitoring DLPe from a SIEM perspective.
  • Monitoring McAfee Web Gateway.
  • Identified vulnerabilities, recommended corrective measures and ensured the adequacy of existing information security controls.

SECURITY ANALYST

Confidential

Responsibilities:

  • Worked on security designs for complex, multi-platform systems.
  • Subnetting, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods.
  • Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
  • Configure and install firewalls and intrusion detection systems.
  • Conducted systems testing to ensure critical vulnerabilities are identified.
  • Experience in protecting systems by defining access privileges, control structures, and resources.
  • Determined security violations and inefficiencies by conducting periodic audits.
  • Implemented security improvements by assessing current situation; evaluating trends; anticipating requirements.
  • Implemented and maintained security controls.
  • Work on initiatives to propose, design, configure, implement and test strategic security system solutions to address complex technical and business requirements.
  • Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication
  • Served as technical and/or project management leadership for large, complex projects using cross-functional teams.
  • Provided Level 2 or Level 3 technical support and after-hours on-call technical support.
  • Worked as a team with the infrastructure and end-user systems partners to remediate vulnerabilities.
  • Keeping users informed by preparing performance reports; communicating system status.
  • Maintaining quality service by following organization standards.
  • Performed data extrapolation and validation of reports for analysis and audits.
